EC0-350 Practice Test

Whether you're a beginner or brushing up on skills, our EC0-350 practice exam is your key to success. Our comprehensive question bank covers all key topics, ensuring you’re fully prepared.


Page 5 out of 175 Pages

Topic 1: Volume A

In TCP communications there are 8 flags: FIN, SYN, RST, PSH, ACK, URG, ECE, CWR.
These flags have decimal numbers assigned to them:

FIN = 1
SYN = 2
RST = 4
PSH = 8
ACK = 16
URG = 32
ECE = 64
CWR = 128
Jason is the security administrator of ASPEN Communications. He analyzes some traffic
using Wireshark and has enabled the following filters.

What is Jason trying to accomplish here?


A. SYN, FIN, URG and PSH
B. SYN, SYN/ACK, ACK
C. RST, PSH/URG, FIN
D. ACK, ACK, SYN, URG

Answer:
B. SYN, SYN/ACK, ACK

How do you defend against Privilege Escalation?


A. Use encryption to protect sensitive data
B. Restrict the interactive logon privileges
C. Run services as unprivileged accounts
D. Allow security settings of IE to zero or Low
E. Run users and applications on the least privileges

Answer:
A. Use encryption to protect sensitive data
B. Restrict the interactive logon privileges
C. Run services as unprivileged accounts
E. Run users and applications on the least privileges

How would you describe an attack where an attacker attempts to deliver the payload over
multiple packets over long periods of time with the purpose of defeating simple pattern
matching in IDS systems without session reconstruction? A characteristic of this attack
would be a continuous stream of small packets.


A. Session Hijacking
B. Session Stealing
C. Session Splicing
D. Session Fragmentation

Answer:
C. Session Splicing

Maintaining a secure Web server requires constant effort, resources, and vigilance from an
organization. Securely administering a Web server on a daily basis is an essential aspect
of Web server security.

Maintaining the security of a Web server will usually involve the following steps:

1. Configuring, protecting, and analyzing log files

2. Backing up critical information frequently

3. Maintaining a protected authoritative copy of the organization's Web content

4. Establishing and following procedures for recovering from compromise

5. Testing and applying patches in a timely manner

6. Testing security periodically.

In which step would you engage a forensic investigator?


A. 1
B. 2
C. 3
D. 4
E. 5
F. 6
G. 7

Answer:
D. 4

Which of the following statements correctly define an ICMP Flood Attack? (Select 2 answers)


A. Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC
address
B. The ICMP packets signal the victim system to reply and the combination of traffic
saturates the bandwidth of the victim's network
C. ECHO packets are flooded on the network saturating the bandwidth of the subnet
causing denial of service
D. A DDoS ICMP flood attack occurs when the zombies send large volumes of
ICMP_ECHO_REPLY packets to the victim system.

Answer:
B. The ICMP packets signal the victim system to reply and the combination of traffic
saturates the bandwidth of the victim's network
D. A DDoS ICMP flood attack occurs when the zombies send large volumes of
ICMP_ECHO_REPLY packets to the victim system.
